Saturday, February 15, 2014

Fast TCP port scanning

One of the first tests that a security professional may do on a target is to scan its open TCP ports (a.k.a. TCP listening ports). From there, he/she may infer which applications/servers may be running on the target and move on to discover the vulnerabilities. You can find out if a port is open by using the "telnet" command (there are other commands and tools that can do this too):

If a port (say, 1000) is not open on target "10.3.0.3", here is what you may get:

But if you try to find out all the open TCP ports on a target, you don't want to do it manually since there are 65535 possible ports. You can potentially script the above step, but that may be slow too. In this blog post, we show that it's very easy to do port scanning on the NetGend platform and do it fast! Here is the little script for this:
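Separately from the NetGend script, the following Python code is an added example (not from the original post and not NetGend code). It shows why a scripted one-by-one check is slow and how running the same connect test concurrently fixes that, then compares the open ports of a host you administer with the set you expect. The function names, worker count and 0.5 s timeout are assumptions.

```python
import socket
from concurrent.futures import ThreadPoolExecutor


def probe(host, port, timeout=0.5):
    """Classify one TCP port with a full connect(), like the telnet check."""
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.settimeout(timeout)
    try:
        s.connect((host, port))
        return "open"        # three-way handshake completed
    except ConnectionRefusedError:
        return "closed"      # host answered with RST: nothing is listening
    except OSError:
        return "filtered"    # timeout or unreachable: packets likely dropped
    finally:
        s.close()


def scan(host, ports, workers=100, timeout=0.5):
    """Probe many ports concurrently and return {port: state}.

    Sequentially, every filtered port costs a full timeout; with a thread
    pool those waits overlap instead of adding up.
    """
    ports = list(ports)
    with ThreadPoolExecutor(max_workers=workers) as pool:
        states = list(pool.map(lambda p: probe(host, p, timeout), ports))
    return dict(zip(ports, states))


def unexpected_open(results, expected):
    """Return open ports that are not in the expected (allow-listed) set."""
    return sorted(p for p, st in results.items()
                  if st == "open" and p not in expected)


if __name__ == "__main__":
    # Constructed demo: start a loopback listener, then scan around it.
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))
    srv.listen(16)
    port = srv.getsockname()[1]
    results = scan("127.0.0.1", range(port - 5, port + 6))
    print("open:", [p for p, st in results.items() if st == "open"])
    print("not on allow-list:", unexpected_open(results, expected=set()))
    srv.close()
```

A port reported as "filtered" usually means a firewall dropped the probe, so its result depends on the timeout chosen rather than on the service.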